Every CVE whose affected-product data names Novell Ichain, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2005-0744 — CVSS 10.0 (critical): The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers to hijack sessions and gain administrator privileges by (1) sniffing…
CVE-2004-2579 — CVSS 7.5 (high): ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack…
CVE-2003-0636 — CVSS 7.5 (high): Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows…
CVE-2005-0798 — CVSS 7.5 (high): Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for…
CVE-2003-0638 — CVSS 7.5 (high): Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a…
CVE-2004-2314 — CVSS 7.5 (high): The Telnet listener for Novell iChain Server before 2.2 Field Patch 3b 2.2.116 does not have a password by default, which allows remote…
CVE-2004-2580 — CVSS 5.8 (medium): Cross-site scripting (XSS) vulnerability in Novell iChain 2.3 allows remote attackers to obtain login credentials via unspecified vectors.
CVE-2003-0637 — CVSS 5.0 (medium): Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote…
CVE-2004-2581 — CVSS 5.0 (medium): Novell iChain 2.3 allows attackers to cause a denial of service via a URL with a "specific string."
CVE-2004-2582 — CVSS 5.0 (medium): Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain…
CVE-2003-0635 — CVSS 5.0 (medium): Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before Support Pack 1, with unknown impact, possibly related to unauthorized…
CVE-2003-0639 — CVSS 5.0 (medium): Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted or secure pages without authentication.
CVE-2005-0746 — CVSS 5.0 (medium): The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier allows remote unauthenticated attackers to obtain the full path of the…
CVE-2004-2757 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the failed login page in Novell iChain before 2.2 build 2.2.113 and 2.3 First Customer Ship…